Researchers investigating the CCleaner malware outbreak have had a lucky break: The attackers' backup server shows that they pushed secondary malware onto systems at Intel, VMware, Fujitsu and Asus, among others, as part of what appears to be a very targeted attack campaign.

Freedom of Information requests sent to 430 U.K. local government councils by Barracuda Networks found that at least 27 percent of councils have suffered ransomware outbreaks. Thankfully, almost none have paid ransoms, and good backup practices appear widespread.

The perimeter continues to dissolve, and the definition of endpoint is evolving, according to results of the SANS 2016 Endpoint Security Survey, now in its third year. In it, respondents say their organizations continue to connect new and different types of endpoints, including point-of-sale (POS) devices, printers,...

Continuous monitoring (CM) begets a process of continuous improvement that works to reduce attack surface and improve security posture, according to the 2016 SANS survey on CM. In it, 63% of respondents said CM was improving their security posture. These improvements are occurring even though continuous monitoring...

From custom malware to zero-day exploits, advanced security threats are exploding worldwide - and the sophistication of these attacks is greater than ever. In addition to being able to detect these vulnerabilities efficiently, organizations also need to take into consideration the broader context, and associate the...

Infirmary Health System is the largest non-government healthcare team in Alabama, treating more than 100,000 patients annually. The organization deployed a security solution to qualify for meaningful use dollars and reduced security incidents significantly.

An attack campaign involving a trojanized version of the CCleaner Windows utility, built and distributed by British developer Piriform, was much more extensive than it first appeared and may have installed backdoor software on endpoints at hundreds of large technology firms.

The arrest of 10 men in Uttar Pradesh for allegedly cloning fingerprints of authorized Aadhaar enrollment officers is once again stirring debate over whether it's wise for India to rely so heavily on Aadhaar for authentication.

In cryptocurrency we trust: The government of North Korea has been turning to bitcoin exchange heists and cryptocurrency mining - potentially using malware installed on other countries' systems - to evade sanctions and fund the regime, security experts say.

Ransomware variants are implementing new, innovative techniques that employ unknown binaries and non-malware tactics to evade and bypass traditional defenses. Their encryption techniques go beyond simple files and shares to make it even harder to restore using backups; and their targets are increasingly becoming...

Leading the latest edition of the ISMG Security Report: Observations about America's standing as a global cybersecurity leader from Christopher Painter, who until earlier this summer served as the United States' top cyber diplomat. Also, threats posed by IoT devices.

The ISMG Security Report leads with views on a novel way to fund the growth of the United States military's Cyber Command by seizing assets such as digital currencies from hackers and other criminals. Also, we offer tips on how to recruit scarce IT security pros.

A list of weak credentials for vulnerable Internet of Things devices has prompted a new effort to notify their owners. The fear is of another mass, IoT-fueled DDoS attack along the lines of last year's Mirai attacks.